Mikuni Corporation

Challenges

Mikuni Corporation is a major manufacturing group whose primary business is focused on automotive components. It has expanded aggressively into other domains including aircraft components, patient-care equipment, and general lifestyle manufacturing

Because of this, proprietary data including design documents and manufacturing technology information is critical to maintaining its competitive position, and its relationships with clients and partners would be at risk. “If this data was leaked externally, not only would our market competitiveness decrease, the loss of trust from clients and other damage would threaten the continuity of our business,” says Mikuni’s Shuichi Yamagishi.

To protect the confidentiality of business-critical information, Mikuni originally established a strict data management system in which all technical data was stored in two R&D centers in Odawara and Kikugawa. Other domestic locations are able to access the information through a closed network, and a strong culture of security across the company ensures that data is not leaked.

As the company expanded internationally, with numerous manufacturing centers located in China, North America, and elsewhere, it sought to replicate its domestic data management system to ensure ongoing security. But it found that, for cultural reasons, it was necessary to enhance its processes with advanced IT security technology. “An expansion of international manufacturing bases was essential for business.

However, in those locations, the awareness of risk management regarding the handling of information is not as high as in Japan. Therefore, enhancing and expanding security measures in order to prevent information leakage is one of the essential missions of our global IT group,” explains Mikuni’s Masamitsu Inamori.

“You cannot just deploy security measures and then forget about them. We prepared a system which covers the entire threat-response cycle, from understanding and analyzing communications to planning and implementing countermeasures.”

“Before Deep Discovery, we used its predecessor, Trend Micro™ Threat Management Solution, and we made the switch as soon as Deep Discovery was released. The solution monitors communications to our Odawara and Kikugawa plants and foreign bases, as well as communications to the Internet. In addition to conventional pattern-matching anti-malware measures, the solution with advanced behavioral analysis enables us to discover any malicious communications within our company in their initial stages,” says Inamori.

Deep Discovery is the keystone of Mikuni’s process for addressing security issues. Whenever Deep Discovery’s centralized management console or daily event logs present an alert regarding suspicious or malicious communications, an IT security personnel can dig down the events to pinpoint the location of the device that originated the suspect communications instantly on the console. “Because locating the source of a suspect communication is as simple as clicking the prompts on the screen, even staff with no specialist knowledge can carry it out easily. This is one of Deep Discovery’s major benefits,” says Inamori.

Once source devices are pinpoint, onsite IT personnel must then investigate to specify and correct the root causes. If this cannot be accomplished within two hours, Mikuni’s policy is to re-install the operating system of the affected device, in order to avoid a lengthy investigation and potential operational disruptions. In either case, Deep Discovery is then used to closely monitor all subsequent traffic to and from the affected device, to ensure the problem has been eliminated.

“Although reinstalling the operating system may sound a little extreme, it is essential for our company to promptly solve detected issues and continue business without interruption. We feel that it is an effective approach in terms of not wasting resources in the response,” explains Inamori.

Deep Discovery’s powerful and flexible reporting functions also provide invaluable data to Mikuni’s global IT groups, both to capture network traffic status, and to prepare reports for corporate management. “Reports which carry the seal of approval of a security specialist with the standing of Trend Micro hold much more power to persuade management. There is a particularly high degree of trust and sense of security that there will be no incidents while protected by Trend Micro solutions,” says Inamori.

“Trend Micro provides us with the flexible and prompt support unique to domestic vendors and underpins our security initiatives.”

Results

This system has successfully identified and eliminated security threats on several occasions, including one in which the source of the threat was determined to have been a contaminated USB memory stick. This incident led to a new company rule barring the use of such devices.

“Deep Discovery logs also let us see when employees access sites unrelated to business activities. Based on these URLs found, we set a policy to block access to these sites and complete risk management practices amongst our employees,” explains Inamori. As a result, the company reports that it has almost zero suspicious communications. Deep Discovery has helped to improve the security consciousness of end users and has eliminated the primary factors of risks.

The next step in Mikuni’s security planning is to implement enhanced security measures against increasingly common targeted email attacks, and it is currently investigating methods to achieve this.

“Trend Micro OfficeScan and Deep Discovery Inspector both greatly support our security measures, in an integrated manner; this gives us a tremendous sense of security. We have enormous faith that Trend Micro will continue to provide us with innovative and effective security solutions in the future,” concludes Yamagishi.

“You cannot just deploy security measures and then forget about them. We prepared a system which covers the entire threat-response cycle, from understanding and analyzing communications to planning and implementing countermeasures. ”